Quantum computer

A quantum computer is a device that relies on distinctly quantum mechanical resources such as superposition and entanglement. Experiments have already been carried out which can be regarded as implementing a quantum computation operating on data of very small size. Size is used here in the sense of the amount of memory required to hold the data; in classical computation data size is measured in number of bits, whereas in quantum computation the data size is measured in qubits. See the Nature article in the references below reporting on work at IBM Almaden Research Center, where scientists implemented a seven qubit computing device that ran Shor's factorization algorithm. Research in both theoretical and practical areas continues at a frenetic pace; see [1] for a sense of where the research is heading. Many national government and military funding agencies support quantum computing research, to develop quantum computers for both civilian and national security purposes, such as cryptography.

It is widely believed that if large-scale quantum computers can be built, they will be able to solve certain problems faster than any classical computer. Quantum computers are different from classical computers such as DNA computers and computers based on transistors, even though these may ultimately use some kind of quantum mechanical effect (for example covalent bonds). Some computing architectures such as optical computers may use classical superposition of electromagnetic waves, but without some specifically quantum mechanical resource such as entanglement, they do not share the potential for computational speed-up of quantum computers.

The basis for quantum computation

In quantum mechanics, the description of the state of a physical system (such as an electron or a photon) is described by an element of a mathematical object called a Hilbert space. The realization of the Hilbert space depends on the particular system. For instance in the case of a single particle system, the state can be described by a complex-valued function defined on R³ (three-dimensional space) called a wave function. As described in the article on quantum mechanics, this function has a probabilistic interpretation; of particular significance is that quantum states have a property called superposition. A similar realization of the Hilbert space exists for systems of interacting particles. The time evolution of the system state is given by a family {U_t} (with t denoting time) of unitary transformations of H. Thus if φ is the state at time 0, then U_t φ is the state at time t. Note that this is true only if the system is isolated and the phenomenon of decoherence does not occur.

A classical computer has a memory made up of bits, where each bit holds either a one or a zero. The device computes by manipulating those bits, i.e. by transporting these bits from memory to (possibly a suite of) logic gates and back. A quantum computer maintains a set of qubits. A qubit can hold a one, or a zero, or a superposition of these. A quantum computer operates by manipulating those qubits, i.e. by transporting these bits from memory to (possibly a suite of) quantum logic gates and back.

Qubits for a quantum computer can be implemented using particles with two spin states: "up" and "down"; in fact any system, possesing an observable quantity A which is conserved under time evolution and such that A has at least two discrete and sufficiently spaced consecutive eigenvalues, is a suitable candidate for implementing a qubit.

For discussion of foundational aspects of quantum computing, see the article on quantum circuits.

Bits vs qubits

Consider first a classical computer that operates on a 3 bit register. At a given time, the register contains a single string of 3 bits, such as "101". A quantum computer on the other hand with a 3 qubit register can store 8 complex numbers as is illustrated in the following example:

For an n qubit quantum circuit, this table would have had 2ⁿ rows; for n=300, this is roughly 10⁹⁰, more rows than there are atoms in the known universe. Note that these values are not all independent, since the probability constraint must be met. One can show the dimension of the set of states of an n qubit register is 2ⁿ⁺¹ -2. See Bloch sphere.

The first column shows all possible states for three bits. Whereas a classical computer can hold only one such pattern at a time, a quantum computer can be in a superposition state of all 8 patterns. The second column shows the "amplitude" for each of the 8 states. These 8 complex numbers are a snapshot of the registers at a given time. In this sense, a 3-qubit quantum computer has far more memory than a 3-bit classical computer.

The third column of the table gives the probability for each possible register configuration. In this example, there is a 14% chance that the returned string will be "000", a 4% chance it will be "001", and so on. Each complex number (a+bi) is called an amplitude, and each probability (a²+b²) is called the squared amplitude, because it equals |a+bi|². The 8 probabilities add up to 1.

Initialization, execution and termination

In our example, the contents of the qubit registers can be thought of as an 8-dimensional complex vector. An algorithm for a quantum computer must initialize this vector in some specified form (dependent on the design of the quantum computer). On each step of the algorithm, that vector is modified by multiplying it by a unitary matrix. The matrix comes from the physics of the device. The unitary character of the matrix insures the matrix is invertible (so each step is reversible). Upon termination of the algorithm, the 8-dimensional complex vector stored in the register must be somehow read off from the qubit register by a quantum measurement. However, by the laws of quantum mechanics, that measurement will yield a random 3 bit string (and of course it will destroy the stored state as well). This random string can be used in computing the value of a function because (by design) the probability distribution of the measured output bitstring is skewed in favor of the correct value of the function. By repeated runs of the quantum computer and measurement of the output, the correct value can be determined, to a high probability, by majority polling of the outputs. See quantum circuit for a more precise formulation. In brief, quantum computations are probabilistic.

Let us consider the case of the NMR implementation of a quantum circuit. NMR differs from other implementations on quantum computers in that it uses an ensemble of systems, in this case molecules. The ensemble is initialized to be the thermal equilibrium state (see quantum statistical mechanics). In mathematical parlance, this state is given by the density matrix:

where H is the hamiltonian matrix of an individual molecule and

The unitary operations are performed by shooting a short pulse of radiation at the container of molecules. Different types of pulses result in different unitary matrices. The quantum algorithm is implemented by an appropriate sequence of pulses. Note that for a given algorithm, the operations will always be done in exactly the same order. There is no "IF THEN" statement to vary the order, since there is no way to read the state of a molecule before the final measurement.

For more details on the sequences of operations used for various algorithms, see universal quantum computer, Shor's algorithm, Grover's algorithm, Deutsch-Jozsa algorithm and quantum error correction.

The power of quantum computers

Integer factorization is believed to be practically impossible with an ordinary computer for large numbers (eg. 10³⁰⁰). By comparison, a quantum computer could solve this problem very quickly. If a number has n bits (is n digits long when written in the binary numeral system), then a quantum computer with just over 2n qubits can find its factors. It can also solve a related problem called the discrete log problem. This ability would allow a quantum computer to break many of the cryptographic systems in use today. In particular, most of the popular public key ciphers could be quickly broken, including forms of RSA, ElGamal and Diffie-Hellman. These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would be significant. The only way to make an algorithm like RSA secure would be to make the key size larger than the largest quantum computer that can be built. It seems likely that it will always be possible to build classical computers that have more bits than the number of qubits in the largest quantum computer. If that's true, then algorithms like RSA could be made secure.

Perhaps not as surprisingly, quantum computers could also be useful for running simulations of quantum mechanics. The speedup could be just as large as for factoring. This could be of great practical benefit to many physicists.

This dramatic advantage of quantum computers is currently known to exist for only those three problems: factoring, discrete log, and quantum physics simulations. However, there is no proof that the advantage is real: an equally fast classical algorithm may still be discovered (though this is considered unlikely). There is one other problem where quantum computers have a smaller, though significant (quadratic) advantage. It is quantum database search, and can be solved by Grover's algorithm. In this case the advantage is provable. This establishes beyond doubt that (ideal) quantum computers are superior to classical computers.

Consider a problem has these four properties:

• The only way to solve it is to guess answers repeatedly and check them
• There are n possible answers to check
• Every possible answer takes the same amount of time to check
• There are no clues about which answers might be better. Generating possibilities randomly is just as good as checking them in some special order

An example of this is a password search for an encrypted file.

For problems with all four properties, it will take an average of n/2 guesses to find the answer using a classical computer. The time for a quantum computer to solve this will be proportional to the square root of n. That can be a very large speedup, reducing some problems from years to seconds. It can be used to attack symmetric ciphers such as 3DES and AES. But it is also easy to defend against. Just double the size of the key for the cipher. There are also more complicated methods for secure communication, such as using quantum cryptography.

There are currently no other practical problems known where quantum computers give a large speedup over classical computers. Research is continuing, and more problems may yet be found.

Problems with quantum computing

One of the major obstacles of quantum computing is the problem of decoherence, which causes the unitary character (and more specifically, the invertibility) of quantum computational steps to be violated. Decoherence times for candidate systems, in particular the transverse relaxation time T₂ (terminology used in NMR and MRI technology), typically range between nanoseconds and seconds at low temperature. Error rates are typically proportional to the ratio of operating time to decoherence time, hence any operation must be completed much quicker than the decoherence time. If the error rate is small enough, it is possible to use quantum error correction, which corrects errors due to decoherence thereby allowing total calculation times longer than the decoherence time. An often cited (but rather arbitrary) figure for required error rate in each gate is 10^-4. This implies that each gate must be able to perform its task 10,000 times faster than the decoherence time of the system.

Meeting this scalability condition is possible for a wide range of systems. However the use of error correction brings with it the cost of a greatly increased number of required qubits. The number required to factor integers using Shor's algorithm is still polynomial, and thought to be between L⁴ and L⁶, where L is the number of bits in the number to be factorised. For a 1000 bit number, this implies a need for 10¹²–10¹⁸ qubits. Fabrication and control of this large number of qubits is non-trivial for any of the proposed designs.

Practical quantum computers

David DiVincenzo, of IBM, listed the following requirements for a practical quantum computer:

• scalable physically to increase the number of qubits
• qubits can be initialized to arbitrary values
• quantum gates faster than decoherence
• Turing-complete gate set
• qubits can be read easily

There are a number of practical difficulties in building a quantum computer, and thus far quantum computers have only solved trivial problems. One major problem is keeping the components of the computer in a mixed state as the slightest interaction with the external world would cause the system to decohere.

Candidates

There are a number of quantum computing candidates, among those:

1. "NMR on molecules in solution"-based
2. "quantum dot on surface"-based
3. "laser acting on floating ions (in vacuum)"-based
4. molecular magnet-based
5. SQUID-based
6. the solid state NMR Kane quantum computer

Quantum computing in computational complexity theory

This section surveys what is currently known mathematically about the power of quantum computers. It describes the known results from computational complexity theory and the theory of computation dealing with quantum computers.

The class of problems that can be efficiently solved by quantum computers is called BQP, for "bounded error, quantum, polynomial time". Quantum computers only run randomized algorithms, so BQP on quantum computers is the counterpart of BPP on classical computers. It is defined as the set of problems solvable with a polynomial-time algorithm, whose probability of error is bounded away from one half. A quantum computer is said to "solve" a problem if, for every instance, its answer will be right with high probability. If that solution runs in polynomial time, then that problem is in BQP.

BQP is suspected to be disjoint from NP-Complete and a strict superset of P, but that is not known. Both integer factorization and discrete log are in BQP. Both of these problems are NP problems suspected to be outside P. Both are suspected to not be NP-Complete. There is a common misconception that quantum computers can solve NP-Complete problems in polynomial time. That is not known to be true, and is generally suspected to be false.

An operator for a quantum computer can be thought of as changing a vector by multiplying it with a particular matrix. Multiplication by a matrix is a linear operation. It has been shown that if a quantum computer could be designed with nonlinear operators, then it could solve NP-Complete problems in polynomial time. It could even do so for #P-Complete problems. It is not yet known whether such a machine is possible.

Although quantum computers are sometimes faster than classical computers, they can't solve any problems that classical computers can't solve, given enough time and memory. A Turing machine can simulate a quantum computer, so a quantum computer could never solve an undecidable problem like the Halting problem. The existence of quantum computers does not disprove the Church-Turing thesis.

See also

• Timeline of quantum computing
• Rapid Single Flux Quantum
• Reversible computing
• Quantum Algorithms
  • Shor's algorithm
  • Grover's algorithm
  • Deutsch-Jozsa algorithm

Further information

• Quantum computing is part of quantum information processing.

• Companies developing Quantum Computers
  • D-Wave Systems, Vancouver, BC, Canada
  • IBM

• Good general reference:
  • Centre for Quantum Computation, University of Oxford http://www.qubit.org
  • QCL - A Programming Language for Quantum Computers

• Thermal Ensembles
  • Overview of early developments, with links
  • The first two papers ever written on this topic: D.G Cory, A.F. Fahmy, T.F. Havel, Proc. Nat. Acad. of Science, 94, 1634 (1997), and N. Gershenfeld and I. Chuang, Science, 275, pp. 350-356, 1997. (download )

• Using quantum computers to simulation quantum systems:
  • Feynman, R. P. "Simulating Physics with Computers" International Journal of Theoretical Physics, Vol. 21 (1982) pp. 467-488.

• Quantum cryptography:
  • The first paper ever written on this: Wiesner, S. "Conjugate Coding" SIGACT News, Vol. 15, 1983, pp. 78-88; Brassard, G. and Bennett, C.H., Proceedings of the IEEE International Conference on Computer Systems and Signal Processing, 1984, p. 175 Ekert, A. "Quantum Cryptography Based on Bell's Theorem" Physical Review Letters, Vol. 67 1991 pp. 661-663.
  • The first paper ever published on this: Bennett, C. H., Brassard, G., Breidbart, S. and Wiesner, S., "Quantum cryptography, or unforgeable subway tokens", Advances in Cryptology: Proceedings of Crypto 82, August 1982, Plenum Press, pp. 267 - 275.
  • A listing of a huge number of quantum cryptography papers, with some discussion of them, is at http://www.cs.mcgill.ca/~crepeau/CRYPTO/Biblio-QC.html

• Universal quantum computer and the Church-Turing thesis:
  • Deutsch, D. "Quantum Theory, the Church-Turing Principle, and the Universal Quantum Computer" Proc. Roy. Soc. Lond. A400 (1985) pp. 97-117.

• Shor's factoring algorithm:
  • Shor, P. "Algorithms for quantum computation: discrete logarithms and factoring" Proceedings 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20-22 Nov. 1994, IEEE Comput. Soc. Press (1994) pp. 124-134.
  • Jean-Pierre Seifert, "Using fewer Qubits in Shor's Factorization Algorithm via Simultaneous Diophantine Approximation," (download )
  • IBM's announcement of the first actual execution of the algorithm, which also gives the history of the first quantum computers with 2, 3, 5, and 7 qubits. Published in the December 19, 2001 issue of Nature.

• Quantum database search:
  • Grover, L. K. "A Fast Quantum Mechanical Algorithm for Database Search" Proceedings of the 28th Annual ACM Symposium on the Theory of Computing, Philadelphia, (1996) pp. 212-219.

• Quantum computer simulators:
  • libquantum - A library for quantum computer simulation
  • QCL - Simulation of quantum computing with a quantum computing language
  • Quantum::Entanglement - Quantum computation module for Perl.
  • QCF - Quantum computation toolbox for Matlab.
  • Fraunhofer Quantum Computing Simulator - A web-based quantum simulator (31 qubits) and a collaborative workspace for the quantum computing community.

• Quantum error correction:
  • Shor, P. W. "Scheme for reducing decoherence in quantum computer memory" Phys. Rev. A 52,(1995) pp. 2493-2496.
  • Calderbank, A. R. and Shor, P.W. "Good quantum error-correcting codes exist" Phys. Rev. A 54, (1996) pp. 1098-1106.
  • Shor. P. W. "Fault-tolerant quantum computation" Proc. 37nd Annual Symposium on Foundations of Computer Science, IEEE Computer Society Press, (1996) pp. 56-65.

• Quantum error avoidance:
  • D. A. Lidar, I.L. Chuang, K.B. Whaley, "Decoherence free subspaces for quantum computation", Phys. Rev. Lett 81, (1998) pp. 2594-2587

• Solving NP-Complete and #P-Complete problems:
  • Daniel S. Abrams (1), Seth Lloyd (2) ( (1) Dept. of Physics, MIT, (2) Dept. of Mechanical Engineering, MIT), 1998, "Nonlinear quantum mechanics implies polynomial-time solution for NP-complete and #P problems"(download )
  • Phil Gossett, 1998, "NP in BQP with Nonlinearity", (download )
  • Yu Shi, 2001, "Entanglement Between Bose-Einstein Condensates", Int. J. Mod. Phys. B, Vol. 15 (Sept 10, 2001) 3007-3030. (download here or here )

• For the interested non-expert:
  • West, J.(2000). The Quantum Computer - An Introduction. (Easy to understand explanation of quantum computing )
  • Hayes, Brian. "The square root of NOT", American Scientist Online (undated). (Logic gates in a Quantum Computer )